ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its functionality and when it identifies an intrusion attempt, it blocks it. The firewall furthermore keeps a more thorough log for the traffic than any server does, so you'll be able to keep track of what's going on with your websites a lot better than if you rely only on conventional logs. ModSecurity uses security rules based on which it helps prevent attacks. For instance, it identifies if anyone is attempting to log in to the administrator area of a specific script multiple times or if a request is sent to execute a file with a specific command. In these cases these attempts set off the corresponding rules and the firewall program hinders the attempts instantly, after that records in-depth information about them within its logs. ModSecurity is one of the best software firewalls available and it can protect your web applications against many threats and vulnerabilities, especially in case you don’t update them or their plugins often.

ModSecurity in Web Hosting

ModSecurity is available on all web hosting machines, so when you decide to host your sites with our firm, they shall be resistant to a wide array of attacks. The firewall is enabled as standard for all domains and subdomains, so there will be nothing you shall have to do on your end. You'll be able to stop ModSecurity for any website if needed, or to activate a detection mode, so all activity will be recorded, but the firewall will not take any real action. You will be able to view specific logs through your Hepsia Control Panel including the IP address where the attack originated from, what the attacker wanted to do and how ModSecurity handled the threat. Since we take the security of our customers' sites seriously, we use a collection of commercial rules that we take from one of the leading companies that maintain this type of rules. Our admins also include custom rules to make certain that your sites will be resistant to as many risks as possible.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting solutions and if you decide to host your Internet sites with our company, there shall not be anything special you'll need to do as the firewall is turned on by default for all domains and subdomains that you include via your hosting Control Panel. If needed, you'll be able to disable ModSecurity for a particular Internet site or enable the so-called detection mode in which case the firewall shall still work and record data, but will not do anything to prevent potential attacks against your Internet sites. Detailed logs shall be readily available within your CP and you'll be able to see which kind of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks came from, etcetera. We use two kinds of rules on our servers - commercial ones from a business that operates in the field of web security, and customized ones which our admins sometimes add to respond to newly found threats in a timely manner.

ModSecurity in VPS Web Hosting

All virtual private servers that are offered with the Hepsia Control Panel include ModSecurity. The firewall is set up and activated by default for all domains which are hosted on the web server, so there will not be anything special that you will have to do to protect your websites. It'll take you only a click to stop ModSecurity if needed or to activate its passive mode so that it records what goes on without taking any steps to stop intrusions. You shall be able to view the logs generated in active or passive mode via the corresponding section of Hepsia and learn more about the type of the attack, where it originated from, what rule the firewall used to take care of it, and so on. We use a mixture of commercial and custom rules in order to ensure that ModSecurity shall prevent as many risks as possible, therefore increasing the protection of your web programs as much as possible.

ModSecurity in Dedicated Servers Hosting

All our dedicated servers which are installed with the Hepsia hosting Control Panel come with ModSecurity, so any application you upload or install shall be properly secured from the very beginning and you will not have to stress about common attacks or vulnerabilities. An independent section in Hepsia will allow you to start or stop the firewall for every domain or subdomain, or turn on a detection mode so that it records information regarding intrusions, but doesn't take actions to prevent them. What you shall discover in the logs shall enable you to to secure your websites better - the IP address an attack originated from, what website was attacked and how, what ModSecurity rule was triggered, etc. With this information, you could see if a site needs an update, if you should block IPs from accessing your web server, etc. Aside from the third-party commercial security rules for ModSecurity that we use, our administrators add custom ones as well every time they discover a new threat which is not yet a part of the commercial bundle.